fix(ban): Don't allow banning in one-to-one conversations

Signed-off-by: Joas Schilling <coding@schilljs.com>
2025-12-18 05:20:50 +01:00 · 2024-08-12 15:16:49 +02:00 · 2024-08-12 15:16:49 +02:00 · 13bd181a9a
commit 13bd181a9a
parent d012784dde
8 changed files with 27 additions and 13 deletions
--- a/lib/Controller/BanController.php
+++ b/lib/Controller/BanController.php
@ -40,7 +40,7 @@ class BanController extends AEnvironmentAwareController {
 	 * @param 'users'|'guests'|'ip' $actorType Type of actor to ban, or `ip` when banning a clients remote address
 	 * @param string $actorId Actor ID or the IP address or range in case of type `ip`
 	 * @param string $internalNote Optional internal note (max. 4000 characters)
-	 * @return DataResponse<Http::STATUS_OK, TalkBan, array{}>|DataResponse<Http::STATUS_BAD_REQUEST, array{error: 'bannedActor'|'internalNote'|'moderator'|'self'}, array{}>
+	 * @return DataResponse<Http::STATUS_OK, TalkBan, array{}>|DataResponse<Http::STATUS_BAD_REQUEST, array{error: 'bannedActor'|'internalNote'|'moderator'|'self'|'room'}, array{}>
 	 *
 	 * 200: Ban successfully
 	 * 400: Actor information is invalid
--- a/lib/Service/BanService.php
+++ b/lib/Service/BanService.php
@ -44,6 +44,10 @@ class BanService {
 	 * @throws \InvalidArgumentException
 	 */
 	public function createBan(Room $room, string $moderatorActorType, string $moderatorActorId, string $moderatorDisplayname, string $bannedActorType, string $bannedActorId, DateTime $bannedTime, string $internalNote): Ban {
+		if (!in_array($room->getType(), [Room::TYPE_GROUP, Room::TYPE_PUBLIC], true)) {
+			throw new \InvalidArgumentException('room');
+		}
+
 		if (!in_array($bannedActorType, ['users', 'guests', 'ip'], true)) {
 			throw new \InvalidArgumentException('bannedActor');
 		}
--- a/openapi-full.json
+++ b/openapi-full.json
@ -2177,7 +2177,8 @@
                                                                "bannedActor",
                                                                "internalNote",
                                                                "moderator",
-                                                                "self"
+                                                                "self",
+                                                                "room"
                                                            ]
                                                        }
                                                    }
--- a/openapi.json
+++ b/openapi.json
@ -2064,7 +2064,8 @@
                                                                "bannedActor",
                                                                "internalNote",
                                                                "moderator",
-                                                                "self"
+                                                                "self",
+                                                                "room"
                                                            ]
                                                        }
                                                    }
--- a/src/types/openapi/openapi-full.ts
+++ b/src/types/openapi/openapi-full.ts
@ -2507,7 +2507,7 @@ export interface operations {
                            meta: components["schemas"]["OCSMeta"];
                            data: {
                                /** @enum {string} */
-                                error: "bannedActor" | "internalNote" | "moderator" | "self";
+                                error: "bannedActor" | "internalNote" | "moderator" | "self" | "room";
                            };
                        };
                    };
--- a/src/types/openapi/openapi.ts
+++ b/src/types/openapi/openapi.ts
@ -1988,7 +1988,7 @@ export interface operations {
                            meta: components["schemas"]["OCSMeta"];
                            data: {
                                /** @enum {string} */
-                                error: "bannedActor" | "internalNote" | "moderator" | "self";
+                                error: "bannedActor" | "internalNote" | "moderator" | "self" | "room";
                            };
                        };
                    };
--- a/tests/integration/features/bootstrap/FeatureContext.php
+++ b/tests/integration/features/bootstrap/FeatureContext.php
@ -1548,15 +1548,8 @@ class FeatureContext implements Context, SnippetAcceptingContext {

 	/**
 	 * @When /^user "([^"]*)" bans (user|group|email|remote|guest) "([^"]*)" from room "([^"]*)" with (\d+) \((v1)\)$/
-	 *
-	 * @param string $user
-	 * @param string $actorType
-	 * @param string $actorId
-	 * @param string $identifier
-	 * @param int $statusCode
-	 * @param string $apiVersion
 	 */
-	public function userBansUserFromRoom(string $user, string $actorType, string $actorId, string $identifier, int $statusCode, string $apiVersion = 'v1', TableNode $internalNote): void {
+	public function userBansUserFromRoom(string $user, string $actorType, string $actorId, string $identifier, int $statusCode, string $apiVersion = 'v1', ?TableNode $internalNote = null): void {
 		if ($actorType === 'guest') {
 			$actorId = self::$sessionNameToActorId[$actorId];
 		} elseif ($actorId === 'stranger') {
@ -1595,6 +1588,12 @@ class FeatureContext implements Context, SnippetAcceptingContext {
 			self::$userToBanId[self::$identifierToToken[$identifier]] ??= [];
 			self::$userToBanId[self::$identifierToToken[$identifier]][$actorType] ??= [];
 			self::$userToBanId[self::$identifierToToken[$identifier]][$actorType][$actorId] = $data['id'];
+		} elseif ($internalNote !== null) {
+			$internalNoteData = $internalNote->getRowsHash();
+			if (isset($internalNoteData['error'])) {
+				$data = $this->getDataFromResponse($this->response);
+				Assert::assertSame($internalNoteData['error'], $data['error']);
+			}
 		}
 	}

--- a/tests/integration/features/conversation-1/ban.feature
+++ b/tests/integration/features/conversation-1/ban.feature
@ -72,6 +72,7 @@ Feature: conversation/ban
        And user "participant1" joins room "room" with 200 (v4)
        And user "participant1" bans user "participant1" from room "room" with 400 (v1)
            | internalNote | BannedP1 |
+            | error | self |

    Scenario: Moderator trying to ban moderator
        Given user "participant1" creates room "room" (v4)
@ -83,6 +84,7 @@ Feature: conversation/ban
        And user "participant1" promotes "participant2" in room "room" with 200 (v4)
        And user "participant1" bans user "participant2" from room "room" with 400 (v1)
            | internalNote | BannedP2 |
+            | error | moderator |
        And user "participant1" demotes "participant2" in room "room" with 200 (v4)
        And user "participant1" bans user "participant2" from room "room" with 200 (v1)
            | internalNote | BannedP2 |
@ -179,3 +181,10 @@ Feature: conversation/ban
      | actorType  | actorId                     |
      | users      | participant1                |
      | groups     | group1                      |
+
+  Scenario: Can not ban in one-to-one conversations
+    Given user "participant1" creates room "one-to-one room" (v4)
+      | roomType | 1 |
+      | invite   | participant2 |
+    And user "participant1" bans user "participant2" from room "one-to-one room" with 400 (v1)
+      | error | room |